CVE-2005-3128
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.009 Low
EPSS
Percentile
82.9%
Cross-site scripting (XSS) vulnerability in add.php in Address Add Plugin 1.9 and 2.0 for Squirrelmail allows remote attackers to inject arbitrary web script or HTML via the IMG tag.
Affected configurations
References
docs.info.apple.com/article.html?artnum=306172
lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
marc.info/?l=bugtraq&m=112801672520766&w=2
moritz-naumann.com/adv/0002/sqmadd/0002.txt
secunia.com/advisories/16987/
secunia.com/advisories/26235
securitytracker.com/id?1014988
squirrelmail.org/plugin_view.php?id=101
www.mandriva.com/security/advisories?name=MDKSA-2005:178
www.securityfocus.com/bid/14973
www.securityfocus.com/bid/25159
www.vupen.com/english/advisories/2007/2732
exchange.xforce.ibmcloud.com/vulnerabilities/22453
Related
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.009 Low
EPSS
Percentile
82.9%